1y ago

If i use a good vpn and adblocking do i need a pi-hole?

What would i lose or gain?

25 comments

A pi-hole simply black holes DNS lookups from known advertising networks and malicious domains, so your computer is unable to connect to those domains. This is good because you probably want to block those domains, but it doesn't protect against everything. Adblocking in browser using uBlock Origin will achieve similar results, but only applies to the browser, not other applications on your computer, or say your phone or IoT device on the same network, which does DNS lookups via pi-hole. Both pi-hole and uBlock Origin do not provide any protection from hiding your real IP or your location. This is where a VPN comes in.
Personally, at the router, I black hole a minimal set of hosts from lists I know I will never want anything connecting to. For example, you could use one of the OISD lists: https://oisd.nl/. Then in your browser, you can add uBlock Origin and add more lists which you can selectively allow on websites. uBlock Origin has lists which block against internet annoyances, which pi-hole can't block against (since it's blocking DOM objects, and not DNS lookups). This is also useful because it's easier to control uBlock Origin in the browser, and you can disable it for only some sites. Adding a VPN in addition to this satisfies IP and location hiding, which you can add on the whole router if it supports that, or just your computer/browser if you want.
- Thanks, good answer. The ISP's router won't run a VPN. If i ran a VPN on the pi-hole machine would that cover all devices on the network?
  
  I don't think so, since the pi-hole (running on a raspberry pi or other computer) just acts as a DNS server which you configure as the DNS to be assigned to clients as they connect to the router.
  If you're not able to configure a VPN on the router, then setting up a VPN on the computer you're using, not the raspberry pi, is the only option. This would only mask your computer's IP address. This would need to be repeated on your phone and other devices as well.
- So pi-hole is essentially the same as something like NextDNS, just self hosted?
  
  That's it. Self hosted, personalisable, and that can be used network-wide (as a DHCP server) AND as a VPN (in correlation with piVPN)

It depends on what you're trying to do. What exactly are you concerned about?
Most 'adblocking' is only in a desktop browser unless you use solutions like pi-hole or some alternative. Pi hole can help block some apps, services, and other devices on your home network from doing certain types of communicating in addition to blocking certain ad-related connections.
- More of a general security/privacy kind of thing. Nooby trying to understand.
  
  pi-hole or some variant can definitely help in some situations. For example, if you care about your computer OS or your TV phoning home, it may block some of those (with the right list).
  It may also block some ads on other devices too, but many places are working around this by tunneling the ad data through their servers.
- Thank you

If you are using a vpn all the time, then I would not bother with pi-hole.
The vpn will use its own dns most likely. If you use your home dns that may make the vpn less private.
But pihole can block others apps telemetry, not just stuff in the browser. For example, it can block windows stuff.
Also, it has been able to block ads in apps.
- Thank you :)

The main difference to my knowledge between an ad blocker and pihole is while a ad blocker downloads the ad but doesn't show it a pihole blocks it from being downloaded.
In addition you can block anything(not just ads) so if you want to say block reddit you could add *.reddit.com to the block list and it will block it even though it's not a ad service.
- A good adblocker like ublock origin would bit download the ad. It is just as effective as DNS based blocking (pi-hole) with the added feature of also being able to do script blocking and cosmesic blocking.
- uBlock Origin does actually block network requests before they leave your browser. The main difference is that Pi-hole can block requests from any application on all your networked devices. Theoretically you can achieve the same effect of a Pi-hole with a hosts file (except DNS caching), but that would involve setting up and maintaining one on every device you own... if that's even possible (looking at you, Android and IOS)
  
  My thanks
- Thank you :)

Secondary question: Using a VPN on the same pi-hole?

All three Privacy Guides recommended VPNs have ad- and tracking-blocking built-in with varying degree of customisation options. This feature can cover the basic benefits a PiHole would give you. If you want more control, I would suggest testing a tool like NextDNS instead of PiHole which gives you a custom DNS address you can set with some VPN providers, offering smoother interplay.
- Thank you, that's the plan

25 comments